Complete DHS Report for December 1, 2014
Daily Report
Top Stories
• Around 131,000
homes in New Hampshire were without power November 28 following a snowstorm the
caused outages to over 200,000 customers late November 26. – Associated
Press
1. November 28, Associated Press – (New Hampshire)
N.H. hit hard by storm-related power outages. Around 131,000 customers
in New Hampshire were without power November 28 following a snowstorm the
caused outages to over 200,000 customers late November 26. Crews were
continuing work to restore power to affected customers. Source: https://www.bostonglobe.com/metro/2014/11/27/thanksgiving-storm-winding-down/NGqMzbQY8y8GSfzWRqgdMO/story.html
• The Madison
Metropolitan Sewerage District in Wisconsin reported November 26 that
approximately 500,000 gallons of untreated wastewater was discharged over a
25-hour period when three pumps failed November 16. – Wisconsin State
Journal
14. November 27, Wisconsin State Journal –
(Wisconsin) Madison Metropolitan Sewage District reports 500,000-gallon
spill in mid-November. The Madison Metropolitan Sewerage District reported
November 26 that approximately 500,000 gallons of untreated wastewater was
intermittently discharged over a 25-hour period on Madison’s north side
November 16 when the primary pump and 2 backup pumps failed while a contractor
was in the process of relining the interceptor sewer and diverting the
wastewater. Source: http://host.madison.com/wsj/news/local/govt-and-politics/madison-metropolitan-sewage-district-reports--gallon-spill-in-mid/article_2a54a1c8-bed2-5d87-9b9e-c877f73c72b5.html
• A gunman was
fatally shot November 28 after he fired more than 100 shots at government
buildings in downtown Austin, Texas, including the federal courthouse and the
police department’s headquarters as well as attempting to set fire to the
Mexican consulate. – NBC News
16. November 28, NBC News – (Texas) Gunman dead
after shots fired at police HQ, Mexican consulate in Austin. A gunman fired
more than 100 shots in downtown Austin November 28 targeting a federal
courthouse, the Mexican consulate, and the police department’s headquarters,
and then attempted to set fire to the consulate. Authorities shut down
Interstate 35 for more than 3 hours while they investigated the death of the
gunman and suspicious devices that were found in the suspect’s vehicle and
attached to the suspect’s body. Source: http://www.nbcnews.com/news/us-news/gunman-dead-after-shots-fired-police-hq-mexican-consulate-austin-n257626
• Researchers
identified a new point of sale (PoS) malware dubbed DareDevil, designed to
steal payment card information from multiple PoS systems. – Softpedia
26. November 27, Softpedia – (International) New
DareDevil PoS malware also infects ticket machines and electronic kiosks. Researchers
with IntelCrawler identified a new piece of point of sale (PoS) malware dubbed
DareDevil that has been found affecting several PoS products including Figure
Gemini PoS, Harmony WinPOS, OSIPOS Retail Management System, and QuickBooks
Point of Sale Multi-Store and includes features such as backdoor access,
keylogging, and RAM scraping. The malware was also found to be targeting PoS
systems on mass transit system ticket kiosks. Source: http://news.softpedia.com/news/New-DareDevil-PoS-Malware-Also-Infects-Ticket-Machines-and-Electronic-Kiosks-465985.shtml
Financial Services Sector
See
item 26 above in Top Stories
Information Technology Sector
20. November
28, Softpedia – (International) Syrian Electronic Army Thanksgiving hack of
Microsoft, NBC, Dell, Forbes used Gigya comment platform. The creators of
the Gigya comment platform announced that they closed a vulnerability in the
product that allowed attackers claiming affiliation with the Syrian Electronic
Army hacktivist group to place pop-up messages on the Web sites of several
major technology, news, and other entities November 27. The attackers took
advantage of GoDaddy to alter Gigya’s Domain Name System (DNS) in order to
place the messages. Source: http://news.softpedia.com/news/Syrian-Electronic-Army-Thanksgiving-Hack-of-Microsoft-NBC-Dell-Forbes-Used-Gigya-Comment-Platform-466106.shtml
21. November
27, IDG News Service – (International) Weather.com fixes web application
vulnerabilities. The Weather Channel fixed a Web application security issue
on its Web site after a student researcher identified and reported the issue
which made most links from the Web site vulnerable to cross-site scripting
(XSS) attacks. Source: http://www.networkworld.com/article/2853293/weathercom-fixes-web-application-vulnerabilities.html
22. November
26, Securityweek – (International) Man pleads guilty to selling StealthGenie
spyware. A Danish citizen pleaded guilty in federal court November 25 and
was ordered to pay a $500,000 fine for advertising and selling the StealthGenie
mobile device spyware. Source: http://www.securityweek.com/man-pleads-guilty-selling-stealthgenie-spyware
For another story, see item 26 above in Top Stories
Communications Sector
See item 21 above in the Information Technology
Sector